Analysis

  • max time kernel
    118s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240704-en locale:en-us os:windows7-x64 system
  • submitted
    02-10-2024 01:32

General

  • Target

    084389671ebc0e80e338632923b423c3_JaffaCakes118.html

  • Size

    187KB

  • MD5

    084389671ebc0e80e338632923b423c3

  • SHA1

    e1c794abe1a93e145169e95e649bf0dc32739d86

  • SHA256

    ad21e8885e6dd37ae0e6f2b44439b8c09d3c9032312393c31c28f7295b31f1cb

  • SHA512

    03388b7f4ed0e2ee2d65b44479a6249abba927acc7be84bd70cf1fc3fd03ed8c03c35cdf51528590cb62e075602291fcfe74a07581dc4dca970003322efc18d0

  • SSDEEP

    3072:ScsW/4sG+yfkMY+BES09JXAnyrZalI+Y6XXI6EyA8:Sc+sMYod+X3oI+YS1tA8

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\084389671ebc0e80e338632923b423c3_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1280
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1280 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2916
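
The process tree above is what a clean Internet Explorer run looks like: IE 8 and later render page content in a separate low-integrity IEXPLORE.EXE launched with "SCODEF:<parent pid> CREDAT:<n>", which is the only child iexplore.exe is expected to have (here PID 1280 spawning PID 2916 with SCODEF:1280). Any other child (cmd.exe, wscript.exe, a dropped binary) is the classic drive-by indicator this run did not show. The following is an added triage check written by the editor, not part of the sandbox report; the tab-separated log format and the cmd.exe line are constructed, the two IE lines are copied from the tree above.

```python
"""
Flag children of iexplore.exe that are not IE's own SCODEF/CREDAT
content process. Editor's example; log format and the cmd.exe entry
are constructed, the two IE entries are from the report's process tree.
"""
import re
from dataclasses import dataclass
from typing import List, Tuple

IE_IMAGE = re.compile(r"\\iexplore\.exe$", re.IGNORECASE)
# IE's content process carries the parent's PID after SCODEF:
IE_CONTENT_ARGS = re.compile(r"\bSCODEF:(\d+)\s+CREDAT:\d+\b", re.IGNORECASE)

# Constructed log: pid, ppid, image, command line (tab-separated).
# Lines 1-2 mirror the report; line 3 is a constructed cmd.exe child
# that was NOT observed in this run, included to show an alert.
SAMPLE_LOG = [
    '1280\t1000\tC:\\Program Files\\Internet Explorer\\iexplore.exe\t'
    '"C:\\Program Files\\Internet Explorer\\iexplore.exe" '
    'C:\\Users\\Admin\\AppData\\Local\\Temp\\084389671ebc0e80e338632923b423c3_JaffaCakes118.html',
    '2916\t1280\tC:\\Program Files (x86)\\Internet Explorer\\IEXPLORE.EXE\t'
    '"C:\\Program Files (x86)\\Internet Explorer\\IEXPLORE.EXE" SCODEF:1280 CREDAT:275457 /prefetch:2',
    '4242\t2916\tC:\\Windows\\System32\\cmd.exe\t'
    'cmd.exe /c echo constructed-example-not-in-report',
]


@dataclass
class ProcEvent:
    pid: int
    ppid: int
    image: str
    cmdline: str


def parse_event(line: str) -> ProcEvent:
    """Parse one tab-separated 'pid ppid image cmdline' line (constructed format)."""
    pid, ppid, image, cmdline = line.rstrip("\n").split("\t", 3)
    return ProcEvent(int(pid), int(ppid), image, cmdline)


def classify(events: List[ProcEvent]) -> List[Tuple[int, str, str]]:
    """Return (pid, verdict, reason) for every process whose parent is iexplore.exe."""
    by_pid = {e.pid: e for e in events}
    findings = []
    for e in events:
        parent = by_pid.get(e.ppid)
        if parent is None or not IE_IMAGE.search(parent.image):
            continue  # parent is not IE, or it is outside the captured tree
        if not IE_IMAGE.search(e.image):
            findings.append((e.pid, "suspicious",
                             f"non-IE child {e.image} spawned by iexplore.exe PID {parent.pid}"))
            continue
        m = IE_CONTENT_ARGS.search(e.cmdline)
        if m and int(m.group(1)) == parent.pid:
            findings.append((e.pid, "expected",
                             "IE content process, SCODEF matches parent PID"))
        else:
            findings.append((e.pid, "suspicious",
                             "iexplore.exe child without SCODEF/CREDAT pointing at its parent"))
    return findings


def triage(lines=SAMPLE_LOG) -> List[Tuple[int, str, str]]:
    """Parse and classify a list of log lines."""
    return classify([parse_event(l) for l in lines])


if __name__ == "__main__":
    for pid, verdict, reason in triage():
        print(f"PID {pid}: {verdict} - {reason}")
```

Run on the first two lines only (the report's actual tree) the check returns a single "expected" verdict, which is consistent with the 3/10 score: all signatures here fire on IE itself, and no third process appears.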

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fc2f1f4774dc7836fc51b833d7b5e9bf

    SHA1

    aef91128fc135f48be57241a35b1f3cd28905991

    SHA256

    552cafdcce95428ce23769c53cf20592a064de8a4e83532431b6ac4917d98fc0

    SHA512

    624999219c27b8688f479021393237366825b7b642d82e92bf2406c20144a0e681d61e3f1019b98189134204f3acf7425855a0511390c9aa964b415b7ffe0fd7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1f263f68abdabf06fddd118ac3f39b06

    SHA1

    6e1fe6953a1fc7a15ba57ef9b82364b9a5a268af

    SHA256

    e835a9143cff864eb7eccc1f9c4eb236d81e81281a9eb867e329200e4fc78a19

    SHA512

    bc27759e9ac04d14ad43455af29475992a7b79ef6bb4fc5510614ed950a355074ec92595f1214d67ba9adfa0036bfbde891150503f3e2fecedcf4de698fc3bdd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    889561800191309b5bb35993de82c3bb

    SHA1

    e1c73e37080e95dd0c9a59edb30911fd36b330f7

    SHA256

    a14593a64cd8115da67bf162fe87019515d291c06ee72400b3576a83f7bfa4f5

    SHA512

    1b68a0fc9f346acb650f5c8919dc4ddd2c41755e7af8669fd855a9c37efd6ab5e25432defc5e393a0d5eb06aeb656a1af3294ab5bb9a0a9780b4571f2f6bc578

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    465099ed4c39c1b401ccf6d51711e7b4

    SHA1

    a7b8a449ef541b027117f5e5dbb35abc150ae2de

    SHA256

    16b821f49de8c5aa0b48b04f22cd9b62217b6ac7ee90c65e3bd5621c3c84a0c9

    SHA512

    2b93a0cfb25c6728940cea56b9deb1aff7a5ff11e0812f430253200e2a1c21bf55b061455cac90b4f1572994310ff8b034e129223b44d69d01610b14738697b0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b2210ed3d500f2c39ee92c9c1f4c3e21

    SHA1

    089633278fa65adae80b8ed6f63e8aeb46442f2b

    SHA256

    a1c52257dd199e4fef43ca9be422a75ed7e81f72c2be33761b541d55469c8984

    SHA512

    c193448ec2597a9d12ab9eb70a3820c99e0d45184b26bd3b04a9007617520f96c37e9c252615fd665be27df459bb4ac045e336a70e12d63ff4de96b31682c449

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    373f64d52b39b5125492ca1b3dbd9097

    SHA1

    7e788991b6e00075d2c3d8c1a8cdc5bc0cd3dfd2

    SHA256

    79544fb43ae91d8c331e4d8bb47eafebb9aa2437c3c445231ec18b56553d02a6

    SHA512

    b68149f16312773940a93502490541efe12e58a434c36f58cb4575df0291407cf3a7225d6996ef77e12e4f8892dbafc7ff72212c5269568c1a39218666da4392

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5abd79a6e67488d8bbb449e0eb738398

    SHA1

    f4aacf54011361adb6f4e9727af0f98a399ecbe8

    SHA256

    095d8265fa6c6053195b2c3aa994b916a7efaf92f3aec4bc1feb5a4843f49b9f

    SHA512

    f48ba4ae200277f81b8cc7580337cd1f5340bf3aca83595f31c06ceb3615182967ba20d545c56b24c1cf6e8db75004732969a810de25b2aa7307874bf5ca8a97

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    956a576022009f881b450e654001cbb5

    SHA1

    42df78c44d2ee269623656e569cf8aa8bedbf1cd

    SHA256

    e7d436357e561facec2b057844fd04d4929dab900ef1af7c927e1dbbaa001e1f

    SHA512

    91d27e47d18a3cb40153dde78eb6c936608182656dea5ab9eb272d128e3f770bfa4355c92c7d8e13e91a71c7ef56e3bbeb4d47e465f1baa33e7f962585da37eb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    569124a4b535c2074ce72ff8649d198b

    SHA1

    48b6285ef41514483380a8d5515ea10c9ddda05b

    SHA256

    9774af6e47ea973e38e36f1202bb42e66b8ef47be8589fee315c89195358c835

    SHA512

    a84fe77eafb052e70b3c59775f6e538a5d7f3d5eb45f77aaa8ff9bde21fdd6d3fec412fb18cf406e1b43e0618c8a36aad3b803ba6090d72104bdd30557be177d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2ee77c12432360e42921c25d634efca6

    SHA1

    80ff406b04bf56db77bca202797455569e8970f5

    SHA256

    b1d5f96e2f4307f112210cab1f1ab3772b373e93ac57c757854c7fa85b61490e

    SHA512

    e7b4942ffc8aeea20c414e57cb8a268d59596ea65a0f35801d5e3d73985f0d60d276ed3213b38b73b51580fdb74725d84bd76ae893471aec9e3ee643a62858f9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c6023c2a5cb074c8a50f49a728090677

    SHA1

    9da638a1ec0fcb2e70f92f4f478c6f10ee97d650

    SHA256

    d0854292d9aa01607d1d0ab8951f643b3aa3feb7262c7d2099d636a715f912c0

    SHA512

    654169730fd28dbcabb6befbae3f8acd553e706bf69f0a43a42f33eed20f5d07d9fa7114b18a0f2edf5dc8627820e5acf401b19780a153cc7484355aba96ebd4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fadc303f925323ff2ee0184a5dfc072d

    SHA1

    16a463fe132af8460029f1e8ecb3b74b11039d4f

    SHA256

    f3b220a99d9d3df21ddb807103e69f825c2d791c0e92412357a20863c99c36d2

    SHA512

    19c2196f479e7cbef597e17fe687b559837955c26e1eefc8b3c20254c3d3bedfc47f0a9733c54c7752d58cf04840384b2a8941ecce7457f63777ebc24e97aaf9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bc9727561d9d0c298b8de3ea1e1f50bd

    SHA1

    fc34da39eaaaf875b4318d3da5e0c0ec4dc0c0bd

    SHA256

    b626543545b5771545ecc88a4dcec324df61993fd8ce652358fe783c8b3b8bb6

    SHA512

    2f4fbf3a4df147972a2e5dc5a2a1591fc158b04fb62e8580a11e559cf9c85f4f8ce343498f9b9f54eea155a5a5493ee3b6386e2d6239b9f367a3c64c1af8a93a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7ec5c9871a1ac31cd17b9587622c214d

    SHA1

    858137a8e381bb62f4cb84b2ee6ac74e3d3d78b5

    SHA256

    2c46a875c327c292922217847d33890cccc955569165b843fe14b59771af66ba

    SHA512

    7347de847a9b3bff36bf84d6681222d52279311ade605843ccab79591ec93b073d46637510dbe6958ef5553aa78636b014f84fe71e64cbc47dcfc5161f9644b2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    909e72924be4a5807d984032633a25a1

    SHA1

    d24f2cc3502cc92ba2c10f67e654b3dfda63eb6c

    SHA256

    84888cb0af8c26d3596021dd8da5f6548415c50863c0bcd0e7c301b25d94eaa7

    SHA512

    024ee84118a017a91bd45eed7530477c5827f854f48c65d3a414b364dffebb6230d0e51b31909bea593bceade4d8bf916002c78fc616686a5f6ec524024ed0dc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cb6f61bf9c47689cafff8f0276020066

    SHA1

    e0945e6ac3126109f1c66dd6f6e83edf873180a0

    SHA256

    ba48f90d45582e88c04e654fbd38757a49e31afc8cc3d41547eb9accea49858c

    SHA512

    a0cd9a28d2ba6514ac13c29f6a957f03b5e1bf8ed0c96d32e3203eda1713ffc49ee8b450bf27b4eae46ee3bc1eef8ab40ee8d197bfd6f310cebac6dfd4769969

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    75557e13a089035e1e9e77e2c371f45c

    SHA1

    18e589324c9562885a1c39edce1745a55d4a209a

    SHA256

    32f83ff9137267bafa33451baaf9e504999ce7dca4903f864b6fc46fac821014

    SHA512

    6dad85073b099ae9569adadb597dbaecb7dc80b65fc0b893a49fa8e9ca0f3e584506ad3797104ae66d9e465726353c3387c512ed3fd99028401a1ed68a3f7e1f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    785b83af49bf3ddb3892a1e425b05433

    SHA1

    3bbac932eeea0c9c4f82ba4677f2d91bb195aa03

    SHA256

    b0e60e0ccea04731ab48525f7ce7e7789d7c2c0564723a0a1a0ab0ef9c0a7ec5

    SHA512

    02f5677a0a96b512a3dc5e5db02fecc0ac7e57b939fa6b865cbf785519bdd469ca9fc2f6d6251816def2dc0d0a06f5908ca98f5cc5cad0864e3f7b13162a3d3d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ad9d33ebab85dcfc90656985447dc14a

    SHA1

    a726785a5e50b5f1353310a390940264e41d52a7

    SHA256

    e8e9085d35e24a1d0b8ccd5c34c34b9a58c20c4afcdfb93ba34c923ba3e9ec72

    SHA512

    2d24af3b7cc86702dc806f9a388b2371966bbd4f0c5cbd2295d7785bf35344da99eaaac3eed6bf8f02caf753aa343eb1e53258ad29e3559892dc7e2bcb539c1e

  • C:\Users\Admin\AppData\Local\Temp\CabFCD7.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarFD78.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
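
Nineteen of the twenty-one entries above name the same path, so the listing is showing one 342-byte CryptnetUrlCache metadata file rewritten nineteen times during the run, not nineteen separate artefacts. The following is an added helper written by the editor, not part of the report, that collapses such a listing into one row per path; the excerpt is copied from the entries above with the SHA512 lines left out, and the "noise" rules encode the editor's assumption that CryptnetUrlCache and the Temp Cab/Tar files are written by CryptoAPI during certificate and revocation fetches rather than by the page.

```python
"""
Collapse a sandbox 'Downloads' listing into one row per path with the
number of occurrences and distinct SHA256 values. Editor's example; the
excerpt is copied from the report, the noise rules are assumptions.
"""
import re
from collections import defaultdict
from typing import Dict, List, Optional

# Excerpt of the report's Downloads section (SHA512 lines omitted).
EXCERPT = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    fc2f1f4774dc7836fc51b833d7b5e9bf
    SHA1
    aef91128fc135f48be57241a35b1f3cd28905991
    SHA256
    552cafdcce95428ce23769c53cf20592a064de8a4e83532431b6ac4917d98fc0
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    1f263f68abdabf06fddd118ac3f39b06
    SHA1
    6e1fe6953a1fc7a15ba57ef9b82364b9a5a268af
    SHA256
    e835a9143cff864eb7eccc1f9c4eb236d81e81281a9eb867e329200e4fc78a19
  • C:\Users\Admin\AppData\Local\Temp\CabFCD7.tmp
    Filesize
    70KB
    MD5
    49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1
    1723be06719828dda65ad804298d0431f6aff976
    SHA256
    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
"""

FIELD_NAMES = {"Filesize", "MD5", "SHA1", "SHA256", "SHA512"}

# Assumption (editor's): these paths are produced by CryptoAPI's network
# retrieval during IE's certificate chain / revocation checks, not by
# page content. Check the full run before treating them as clean.
NOISE_RULES = [
    (re.compile(r"\\CryptnetUrlCache\\", re.I), "CryptoAPI URL-retrieval cache"),
    (re.compile(r"\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I),
     "CryptoAPI cab download/extraction temp file"),
]


def parse_downloads(text: str) -> List[Dict[str, str]]:
    """Turn the report's 'path / field / value' layout into one dict per entry."""
    records, current, key = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):
            current = {"path": line.lstrip("• ").strip()}
            records.append(current)
            key = None
        elif line in FIELD_NAMES:
            key = line
        elif current is not None and key is not None:
            current[key] = line
            key = None
    return records


def noise_reason(path: str) -> Optional[str]:
    for rx, reason in NOISE_RULES:
        if rx.search(path):
            return reason
    return None


def aggregate(records: List[Dict[str, str]]) -> List[Dict]:
    """One row per path: occurrences, distinct SHA256 count, sizes, noise tag."""
    rows = defaultdict(lambda: {"count": 0, "sha256": set(), "sizes": set()})
    for r in records:
        row = rows[r["path"]]
        row["count"] += 1
        row["sha256"].add(r.get("SHA256", ""))
        row["sizes"].add(r.get("Filesize", ""))
    return [
        {"path": path, "count": row["count"],
         "distinct_sha256": len(row["sha256"]),
         "sizes": sorted(row["sizes"]), "noise": noise_reason(path)}
        for path, row in sorted(rows.items())
    ]


def triage_downloads(text: str = EXCERPT) -> List[Dict]:
    return aggregate(parse_downloads(text))


if __name__ == "__main__":
    for row in triage_downloads():
        print(f"{row['count']:>2}x {row['distinct_sha256']} sha256 "
              f"{row['noise'] or 'REVIEW'}: {row['path']}")
```

Anything that comes back without a noise tag is what deserves a look; on the full listing every path is tagged, which matches a run where the page itself dropped nothing.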